
CVSS: 6.0 | EPSS: 0% | CPEs: 1 | EXPL: 2

Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be accessed using viewlog.php. • http://acid-root.new.fr/poc/19070104.txt http://osvdb.org/33383 http://securityreason.com/securityalert/2107 http://www.attrition.org/pipermail/vim/2007-January/001218.html http://www.securityfocus.com/archive/1/456051/100/0/threaded •

CVSS: 7.5 | EPSS: 0% | CPEs: 14 | EXPL: 0

Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allow remote attackers to upload arbitrary files via a filename with multiple file extensions. • http://secunia.com/advisories/20211 http://sourceforge.net/project/shownotes.php?group_id=89658&release_id=418266 http://www.vupen.com/english/advisories/2006/1892 https://exchange.xforce.ibmcloud.com/vulnerabilities/26588 •

CVSS: 4.3 | EPSS: 0% | CPEs: 9 | EXPL: 0

Cross-site scripting (XSS) vulnerability in displayimage.php in Coppermine Photo Gallery before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via EXIF data. • http://coppermine-gallery.net/forum/index.php?topic=20933.0 http://secunia.com/advisories/16499 http://securitytracker.com/id?1014799 http://www.securityfocus.com/bid/14625 •

CVSS: 4.3 | EPSS: 0% | CPEs: 7 | EXPL: 0

Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter. • http://coppermine.sourceforge.net/board/index.php?topic=17134 http://marc.info/?l=bugtraq&m=111383800707880&w=2 http://secunia.com/advisories/15004 http://www.securityfocus.com/bid/13218 •

CVSS: 5.0 | EPSS: 1% | CPEs: 11 | EXPL: 2

Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, or (7) crop.inc.php, which reveal the full path in a PHP error message. • http://marc.info/?l=bugtraq&m=108360247732014&w=2 http://secunia.com/advisories/11524 http://securitytracker.com/id?1010001 http://www.osvdb.org/5756 http://www.osvdb.org/6495 http://www.osvdb.org/6496 http://www.osvdb.org/6497 http://www.osvdb.org/6498 http://www.osvdb.org/6499 http://www.osvdb.org/6500 http://www.waraxe.us/index.php?modname=sa&id=26 https://exchange.xforce.ibmcloud.com/vulnerabilities/16039 •